<?php
/**
 * Created by PhpStorm.
 * User: longyuanmoqi
 * Date: 2016/11/27
 * Time: 9:34
 */
if ($password==$row['password']){
    session_start();
    $_SESSION['userinfo']=array(
        'id'=>$row['id'],
        'username'=>$username
    );
    header('Location:user.php');
    die;
}
$error=array();
if(!empty($_POST)){
    $username=isset($_POST['username'])? trim($_POST['username']):'';
    $password=isset($_POST['password'])? $_POST['password']:'';
    require 'check_form.lib.php';
    if (($result=checkUsername($username)) !==true) $error[]=$result;
    if(($result=checkPassword($password))  !==true) $error[]=$result;

if (!empty($error))
{     $link=mysqli_connect('localhost','root','');
    if(!$link){
        die('连接数据库失败！'.mysqli_error($link));
    }

    mysqli_query($link,'set names utf8');
    mysqli_query($link,'use`itcast`');
    $username=mysqli_real_escape_string($link,$username);
    $sql="select`id` from `user` where `username`='$username'";
    if($rst=mysqli_query($link,$sql)){
        $row=mysqli_fetch_assoc($rst);
        $password=md5($password);
        if($password==$row['password']){
            die('欢迎登录！');
        }
    }
    $error[]='用户名不存在或密码错误。';
  }
}
require 'login_html.php';

